From 753e5f839b606fd3992678d5d7bb7d2916040e86 Mon Sep 17 00:00:00 2001
From: Jeff Mitchell
Date: Thu, 20 May 2010 18:06:21 -0400
Subject: Working defaultauth
---
 core/usermanager.lua | 30 +++++++++-----
 plugins/mod_auth_default.lua | 92 ------------------------------------------
 plugins/mod_defaultauth.lua | 96 ++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 117 insertions(+), 101 deletions(-)
 delete mode 100644 plugins/mod_auth_default.lua
 create mode 100644 plugins/mod_defaultauth.lua
diff --git a/core/usermanager.lua b/core/usermanager.lua
index 6d43dca9..74e8fd6e 100644
--- a/core/usermanager.lua
+++ b/core/usermanager.lua
@@ -30,23 +30,37 @@ function new_null_provider()
 end
 local function host_handler(host)
+ log("debug", "host_handler called with host '%s'", host);
 local host_session = hosts[host];
- host_session.events.add_handler("item-added/auth-provider", function (provider)
- log("debug", "authentication provider = '%s'", config.get(host, "core", "authentication"));
- if config.get(host, "core", "authentication") == provider.name then
+ host_session.events.add_handler("item-added/auth-provider", function (event)
+ local provider = event.item;
+ if provider == nil then
+ log("debug", "auth provider is nil");
+ else
+ log("debug", "auth provider is not nil");
+ end
+ if config.get(host, "core", "authentication") == nil and provider.name == "default" then
+ host_session.users = provider;
+ elseif config.get(host, "core", "authentication") == provider.name then
 host_session.users = provider;
 end
+ if provider.name == nil then
+ log("debug", "authentication provider name is nil");
+ else
+ log("debug", "authentication provider name = '%s'", provider.name);
+ end
 end);
- host_session.events.add_handler("item-removed/auth-provider", function (provider)
+ host_session.events.add_handler("item-removed/auth-provider", function (event)
+ local provider = event.item;
 if host_session.users == provider then
 host_session.users = new_null_provider();
 end
 end);
 end
-prosody.events.add_handler("host-activated", host_handler);
-prosody.events.add_handler("component-activated", host_handler);
+prosody.events.add_handler("host-activated", host_handler, 100);
+prosody.events.add_handler("component-activated", host_handler, 100);
-local function is_cyrus(host) return config.get(host, "core", "sasl_backend") == "cyrus"; end
+function is_cyrus(host) return config.get(host, "core", "sasl_backend") == "cyrus"; end
 function validate_credentials(host, username, password, method)
 return hosts[host].users.test_password(username, password);
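Review bot: In the `item-added/auth-provider` handler the nil check on `provider` only logs and then falls through to `provider.name`, so a nil `event.item` still raises inside the event handler instead of being skipped. Return early there, for example `if provider == nil then log("warn", "auth provider is nil"); return; end`, which also makes the "is not nil" branch unnecessary. The trailing `if provider.name == nil` block runs after the name has already been compared, so it reads as leftover debugging output and could be dropped. The new fallback that adopts the provider named "default" when no `authentication` option is set decides which backend verifies credentials for the host; a comment such as `-- no "authentication" option configured: fall back to the provider named "default"` would make that explicit for anyone auditing it.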
@@ -89,6 +103,4 @@ function is_admin(jid, host)
 end
 end
-_M.new_default_provider = new_default_provider;
-
 return _M;
diff --git a/plugins/mod_auth_default.lua b/plugins/mod_auth_default.lua
deleted file mode 100644
index 6151b6c1..00000000
--- a/plugins/mod_auth_default.lua
+++ /dev/null
@@ -1,92 +0,0 @@
--- Prosody IM
--- Copyright (C) 2008-2010 Matthew Wild
--- Copyright (C) 2008-2010 Waqas Hussain
--- Copyright (C) 2010 Jeff Mitchell
---
--- This project is MIT/X11 licensed. Please see the
--- COPYING file in the source package for more information.
---
-
-local datamanager = require "util.datamanager";
-local log = require "util.logger".init("usermanager");
-local type = type;
-local error = error;
-local ipairs = ipairs;
-local hashes = require "util.hashes";
-local jid_bare = require "util.jid".bare;
-local config = require "core.configmanager";
-local hosts = hosts;
-
-local prosody = _G.prosody;
-
-function new_default_provider(host)
- local provider = { name = "default" };
-
- function provider.test_password(username, password)
- log("debug", "test password for user %s at host %s", username, host);
- if is_cyrus(host) then return nil, "Legacy auth not supported with Cyrus SASL."; end
- local credentials = datamanager.load(username, host, "accounts") or {};
-
- if password == credentials.password then
- return true;
- else
- return nil, "Auth failed. 
Invalid username or password.";
- end
- end
-
- function provider.get_password(username)
- log("debug", "get password for user %s at host %s", username, host);
- if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end
- return (datamanager.load(username, host, "accounts") or {}).password;
- end
-
- function provider.set_password(username, password)
- if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end
- local account = datamanager.load(username, host, "accounts");
- if account then
- account.password = password;
- return datamanager.store(username, host, "accounts", account);
- end
- return nil, "Account not available.";
- end
-
- function provider.user_exists(username)
- if is_cyrus(host) then return true; end
- local account = datamanager.load(username, host, "accounts");
- if not account then
- log("debug", "account not found for username '%s' at host '%s'", username, host);
- return nil, "Auth failed. Invalid username";
- end
- if account.password == nil or string.len(account.password) == 0 then
- log("debug", "account password not set or zero-length for username '%s' at host '%s'", username, host);
- return nil, "Auth failed. 
Password invalid.";
- end
- return true;
- end
-
- function provider.create_user(username, password)
- if is_cyrus(host) then return nil, "Account creation/modification not available with Cyrus SASL."; end
- return datamanager.store(username, host, "accounts", {password = password});
- end
-
- function provider.get_supported_methods()
- return {["PLAIN"] = true, ["DIGEST-MD5"] = true}; -- TODO this should be taken from the config
- end
-
- function provider.is_admin(jid)
- local admins = config.get(host, "core", "admins");
- if admins ~= config.get("*", "core", "admins") and type(admins) == "table" then
- jid = jid_bare(jid);
- for _,admin in ipairs(admins) do
- if admin == jid then return true; end
- end
- elseif admins then
- log("error", "Option 'admins' for host '%s' is not a table", host);
- end
- return is_admin(jid); -- Test whether it's a global admin instead
- end
- return provider;
-end
-
-module:add_item("auth-provider", new_default_provider(module.host));
-
diff --git a/plugins/mod_defaultauth.lua b/plugins/mod_defaultauth.lua
new file mode 100644
index 00000000..6782ae09
--- /dev/null
+++ b/plugins/mod_defaultauth.lua
@@ -0,0 +1,96 @@
+-- Prosody IM
+-- Copyright (C) 2008-2010 Matthew Wild
+-- Copyright (C) 2008-2010 Waqas Hussain
+-- Copyright (C) 2010 Jeff Mitchell
+--
+-- This project is MIT/X11 licensed. Please see the
+-- COPYING file in the source package for more information.
+--
+
+local datamanager = require "util.datamanager";
+local log = require "util.logger".init("usermanager");
+local type = type;
+local error = error;
+local ipairs = ipairs;
+local hashes = require "util.hashes";
+local jid_bare = require "util.jid".bare;
+local config = require "core.configmanager";
+local usermanager = require "core.usermanager";
+local hosts = hosts;
+
+local prosody = _G.prosody;
+
+local is_cyrus = usermanager.is_cyrus;
+
+function new_default_provider(host)
+ local provider = { name = "default" };
+ log("debug", "initializing default authentication provider for host '%s'", host);
+
+ function provider.test_password(username, password)
+ log("debug", "test password '%s' for user %s at host %s", password, username, module.host);
+ if is_cyrus(host) then return nil, "Legacy auth not supported with Cyrus SASL."; end
+ local credentials = datamanager.load(username, host, "accounts") or {};
+
+ if password == credentials.password then
+ return true;
+ else
+ return nil, "Auth failed. 
Invalid username or password.";
+ end
+ end
+
+ function provider.get_password(username)
+ log("debug", "get_password for username '%s' at host '%s'", username, module.host);
+ if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end
+ return (datamanager.load(username, host, "accounts") or {}).password;
+ end
+
+ function provider.set_password(username, password)
+ if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end
+ local account = datamanager.load(username, host, "accounts");
+ if account then
+ account.password = password;
+ return datamanager.store(username, host, "accounts", account);
+ end
+ return nil, "Account not available.";
+ end
+
+ function provider.user_exists(username)
+ if is_cyrus(host) then return true; end
+ local account = datamanager.load(username, host, "accounts");
+ if not account then
+ log("debug", "account not found for username '%s' at host '%s'", username, module.host);
+ return nil, "Auth failed. Invalid username";
+ end
+ if account.password == nil or string.len(account.password) == 0 then
+ log("debug", "account password not set or zero-length for username '%s' at host '%s'", username, module.host);
+ return nil, "Auth failed. 
Password invalid.";
+ end
+ return true;
+ end
+
+ function provider.create_user(username, password)
+ if is_cyrus(host) then return nil, "Account creation/modification not available with Cyrus SASL."; end
+ return datamanager.store(username, host, "accounts", {password = password});
+ end
+
+ function provider.get_supported_methods()
+ return {["PLAIN"] = true, ["DIGEST-MD5"] = true}; -- TODO this should be taken from the config
+ end
+
+ function provider.is_admin(jid)
+ local admins = config.get(host, "core", "admins");
+ if admins ~= config.get("*", "core", "admins") and type(admins) == "table" then
+ jid = jid_bare(jid);
+ for _,admin in ipairs(admins) do
+ if admin == jid then return true; end
+ end
+ elseif admins then
+ log("error", "Option 'admins' for host '%s' is not a table", host);
+ end
+ return is_admin(jid); -- Test whether it's a global admin instead
+ end
+ return provider;
+end
+
+module:add_item("auth-provider", new_default_provider(module.host));
+
-- cgit v1.2.3
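Review bot: `provider.test_password` now writes the submitted password into the debug log via `log("debug", "test password '%s' for user %s at host %s", password, username, module.host);`, so every login attempt, successful or not, leaves a cleartext credential wherever debug output is stored or shipped. The file this one replaces logged only the username and host; restore that with `log("debug", "test password for user %s at host %s", username, host);`. The log calls also switch to `module.host` while the rest of the provider uses the `host` argument captured by `new_default_provider`, and using `host` throughout keeps the log consistent with the account store actually queried. Separately, the `password == credentials.password` comparison implies cleartext storage and a non-constant-time compare; both are carried over unchanged from the deleted file, and `hashes` is required here but not used in any visible line, so that is a follow-up rather than something this commit introduces.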